Remove the ioctl permission for most socket types. For others, such as
tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist
that individual domains may extend (except where neverallowed like
untrusted_app). Enforce via a neverallowxperm rule.
Change-Id: I7573fdb24f9c53ad169bce2aeab1baac8b2a11ea
Also just remove all specific domain access and instead
allow diag_device access for all domains on the
userdebug/user builds.
Change-Id: I2dc79eb47e05290902af2dfd61a361336ebc8bca
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>